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Abstract: - In last decade the main reason for projects failure is poor management of software. 
But now a day’s most of the organizations are focusing on software project management for 
making project successful. Software project management provides overall management of 
software from project planning phase to project execution. In software project management we 
also deal with risks that may occur during development of projects. In this paper we analyze 
risks during management of software and we resolve issues that come in software project risk 
management. We introduce some approaches by which we can resolve all the issues regarding 
software risk management. Risk management also suggests us that how we can avoid risks and if 
risks occur then how we can control those risks. By analyzing software risk management, we 
come to know that what factors affect risk management and how we can remove them. Software 
risk m'anagement manages all risks efficiently and makes our project successful. 
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1. INTRODUCTION 
Risk management is one of the important knowledge areas of software project management. But 
most of the organizations do not give importance to this knowledge area because risk 
management has lowest maturity rating as compared to other knowledge areas but it has high 
impact for making project successful [4]. Risk management provides all the strategies about risk 
handling including risk avoidance, risk prevention, risk identification, risk analysis and risk 
mitigation. Most of the projects have high risks and risks may occur at any time in software 
development process. If we want to enhance the functionality of our software, then we must deal 
with risks. There are many factors that make project successful and risk management is one of 
the greatest factors that are responsible for success of any project. Many errors that occur in 
software development depend upon risks. Risks occur due to many reasons including incomplete 
user requirements, human error, natural disaster, poor project objectives and lack of resources. 
One of the main reasons for creating risk is incomplete user requirements. If requirements are not 
completed and consistent then project will fail. Risk management is a complete process for 
handling risks and make project successful. It is a complete process from identifying risks to 
monitoring and controlling the risks. In Risk management we can also manage positive and 
negative risks. Positive risks are those risks that have good effect on project and negative risks 
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are those risks that negative effect on project. Positive risks cause project successful and negative 
risks cause project failure. So our main focus is to increase positive risks and reduce negative 
risks. Risk management is a process that directly connects with customer satisfaction. This 
satisfaction is called risk utility. It will be high for those people that want high satisfaction or that 
are risk seekers. And in risk neutral approach we make balance between risks and potential 
payoff. 

The paper is organized as follows. Next section we describe the methodology. Section 3 presents 
the results. In Section 4, we summarize our conclusion and last Section 5 represents 
acknowledgment and last section shows references. 


2. METHODOLOGY 

First, in this paper we discuss different aspects of software risk management. As risk 
management is process of removing uncertainties that may come in development of project. In 
risk management we firstly identify risks that may occur then we analyze those risks. After 
analyzing risks, we manage those risks. We analyze problems that occur in software risk 
management and also give valuable solution to resolve that problems. Risks are the main factors 
that come frequently in software project management. There are different kinds of risks that 
affect project management process like organizational risks, external risks and internal risks [7]. 

External risks mean risks that occur due to some government policies or due to any unwanted 
condition in country. For example, company will stop the project due to high political pressure. 
For resolving that kind of risks organization should recommend the project charter from high 
authorities of government so that organization can get maximum benefit from project. Because 
when project will recommend then project team will utilize all its resources without any fear to 
make project successful. Project should be morally and socially. It should be beneficial for 
society. This is another factor that should keep in mind when deal with such kind of risks. If we 
ignore these factors, then it will be a high chance that our project will fail. Internal risks mean 
risks that come due to human error, lack of resources, natural tragedy, incomplete user 
requirements and project complexity. Such risks cause project delay. Human error risk come 
when we assign tasks to a developer who does not know what should be done in project. Due to 
less expertise in software development human error will come. Due to that risk repute of an 
organization becomes bad and organization will lose its future projects. For resolving that risk 
organization should hire people that are domain specific and should have better software project 
management skills. However good developers will take more money but it is better to invest in 
start of project rather to lose the project. Lack of resources is also a big risk that comes in 
maximum software projects. Most of the organization start their projects without knowing either 
they have enough resources to complete this project or not. And this is the main reason for bad 
organization’s repute. In some cases, organizations have enough resources but it is high 
possibility that main software developer leaves organization during project development. 
Another problem is bad estimation of cost. In software project management we assign some cost 
to any project then it may be possible that project overruns that cost. In this case project will also 
fail. For resolving that issue we should attach some person with main software developer so that 
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if main developer leaves company then project should not stop. Secondly we should estimate 
cost of project accurately. Cost estimation should be based on requirements [1]. 

We decompose our project in many milestones and we assign cost to each milestone. When we 
assign cost to each milestone then it will help us to do the tasks within budget. These techniques 
will resolve our lack of resources related risks. Another big risk is incomplete user requirements. 
When requirement engineer takes requirement then it is high possibility that developer will 
confuse about those requirements because if requirements were written in natural language then 
there is a high chance of ambiguity. So requirements should be clear and complete. When we do 
requirement engineering of any project then it is necessary to take requirements that should 
complete and consistent. Consistent means that requirements should not conflict with one 
another. For resolving that issue organization should arrange some workshops for collecting 
requirements from users. Workshops will create a friendly atmosphere and user will discuss all 
his requirements with organization and if there is any ambiguity in any requirement then 
developer will directly ask from user about that requirement [3]. Second way to resolve that issue 
is to write the requirements in a proper standard format like software requirement specification. 
And as a result is failure of software project. For resolving that issue we decompose our project 
into small units. We assign each unit to a specific team. This approach will reduce the 
complexity of project. Organizational risks are those risks that may occur due to organizational 
policies and rules. So we should make project that fulfills organization standards. As risk 
management is a complete process of managing the risks so for dealing all the risks that may 
come in software project management we make a complete model that will handle all the issues 
regarding software risk management. It will also manage all the risks efficiently. When we 
develop any software then we avoid all the risks that may come in software management process. 
But if risks occur then we use a strategy for dealing with risks. Firstly we identify all the risks 
that occur during development of software. We write all the risks in tabular form with their 
description. After identification we analyze all the risks. In risk analysis we analyze which risk 
may occur most and which risk may occur less. We find probability of each risk in the project. 
Probability means we analyze how many times a risk may occur. We also find impact of each 
risk on the project. After analyzing impact, we multiply impact of each risk with the probability 
of that risk to find risk factor. So this whole process gives us total information about each risk. 
Based on risk analysis we determine which risk has most probability and which risk has less 
probability. By keeping probabilities in the mind we give priorities to all risks. Risks that have 
high priority will serve first and risks that have low probability will serve in the last [2]. We can 
represent risk analysis phase by table 1 (Risk Description). After analyzing all the risks, we 
move to third step of risk management which is risk mitigation. Risk mitigation is an approach 
by which we can reduce the scope of the risk. First we try our best to avoid risk but if risks occur 
then we do risk mitigation to handle with risks. In risks mitigation we do some actions to 
decrease the probability of risk and also its impact on the project. Risk mitigation has three 
approaches for managing risks. 

e Avoiding Risks 
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e Monitoring Risks 
e Contingency Planning/Possible planning 
In avoiding risk approach we make a complete project risk plan in which we define probability 


z = = = of each risk and also 
Risk Description Risk Probability Risk Impact Factor p g 

impact of each risk on 

the project [5]. The 

main advantage of risk 

plan is that we can 

avoid risks before 


occurrence. In 
monitoring risk approach we monitor all the risks that were mentioned in the risk plan. We check 
probability of each risk and also impact of each risk on the project. Monitoring of risks will help 
us to manage the risks efficiently. In monitoring we also check which risk has high probability 
and which risk has low probability so that we can give priority to risks and then dealing risks 
according to their priorities. 
In possible planning approach, we also find probability of each risk and do some actions for 
resolving risks issues as soon as possible. In possible planning phase we also make again whole 
the plan which includes all the details regarding risks but this plan is different from risk plan that 
we make in risk avoidance phase. Because in avoiding risk phase we make plan for risks that 
may occur in project. But in possible planning phase we make plan for the risks that occur in 
reality. So this whole risk management process gives us a complete path for handling risks in a 
better way. We can represent this risk management process by given figurel. 


Software Risk 
Management 


Risk Identification 


Figure 1: Software Risk Management 


The overall risk description, risk probability, risk impact and overall factor are given below in 
table: 
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External Risk (Political 0.8 10 3. RESULT 
Pressure, Safety Precautions Table 1Risk Descriptio) Risk Management 


Product Risks (Incomplete User Process gives us a 
Requirements, Lack of 0.4 32 complete path for 
understanding of project : ee. 3 
objectives) managing our risks in 
an efficient way. In risk 


Process Risks (Natural disaster, š A 4 
10 identification phase we 
human error) 
have complete 


Organizational Risks description of our risks. 

(Organizational Standards, 0.2 L2 . . . 

Organization rules and domain) : ' Risk analysis SILVES Us 
probability of each risk. 
It 


also gives us 
influence of each risk on the project. With the help of risk probability and risk impact we find 
risk factor of each risk. It also tell us which risk has highest priority and which has low priority. 
So with the risk analysis results we manage our risks according to priority based. Last approach 
which is risk mitigation reduces the scope of risk. 

We use this technique when risks occur. It reduces the scope of risks. Monitoring gives us overall 
Description of risks probability and gives us different ways to resolve risks. We use Contingency 
planning only when our original plan fails. Contingency planning that also called possible 


planning gives us alternative plan for dealing with risks. Possible planning also has complete 
plan for managing risks including risk description, risk probability, risks impact and risk factor. 
So this whole software risk management process gives us a complete framework for managing 
risks in an efficient way. 

4. CONCLUSION 
After Software risk management is a framework for dealing with different kinds of risks that 
occur in any project. It is a complete pathway for resolving all the issues regarding risks that 
occur in software project. Success of any project mostly depends upon its management. If 
software is well managed, then there is high possibility that project will success [8]. In software 
project management the factor that has greatest impact on software management process is risk. 
So most of the organizations have focus on software risk management. 
Software risk management gives us a complete strategy to avoiding risks, preventing its effect 
and managing those risks. It also gives us a better understanding of risks occurrences. It makes 
project easier and less time consuming. Software risk management reduces the complexity of 
project. Decisions can be taken easily based on risks. It improves overall software management 
process. It saves a lot of money of customer. It makes the environment of an organization risk 
friendly. It also maintains good repute of an organization. 
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